Overview
Work History
Education
Skills
Certification
Timeline
Generic

Kevin Bartnick

Raleigh,NC

Overview

10
10
years of professional experience
1
1
Certification

Work History

Manager

Deloitte
01.2025 - Current
  • Managed and motivated employees to be productive and engaged in work.
  • Accomplished multiple tasks within established timeframes.
  • Maintained professional, organized, and safe environment for employees and patrons.
  • Enhanced customer satisfaction by resolving disputes promptly, maintaining open lines of communication, and ensuring high-quality service delivery.
  • Company Overview: Consulting firm providing services to various government agencies including the U.S
  • Air Force
  • Consult the AF on Security Engineering and Continuous Monitoring using NIST and DOD Risk Management Framework (RMF)
  • The team serves as the Authorizing Official Designated Representative (AODR) for Logistics Information Systems and Operational Technology across the Air Force
  • Prepare ATO (Authorization to Operate) packages for systems coming into the Air Force Logistics Authorization Boundary
  • Prepare AF PMO (Personnel Management Office) for upcoming 'Continuous Monitoring' audits
  • The team augments core DOD RMF practices with the best that the National Institute of Standards and Technology (NIST) offers, incorporating industry best practices
  • Activities include participation in systems migrating to cloud environments, IoT assessments, and system consolidation
  • The team delivers to the US Air Force Warfighter secure web-based capabilities, in AWS and Azure cloud environments, up to SECRET and traditional legacy DOD configurations
  • Consults PMO on the implementation of DISA STIGS (Security Technical Implementation Guide)
  • Coordinates tasks, assists in functional validations, and collaborates with key stakeholders in order to manage expectations with ISSM’s
  • Reviews relevant policies, scheduling activities, and recommending courses of action/tasks to reduce cybersecurity risk while balancing mission requirements within allocated resources
  • Acts as liaison between program managers, functional managers, AF logistic leaders to analyze, document, assess, and manage security and mission requirements
  • Consulting firm providing services to various government agencies including the U.S Air Force

Senior Security Consultant/Action Officer-Authorizing Official Designated Representative (AODR) Authorization Team

Deloitte Consulting
03.2023 - Current
  • Company Overview: Consulting firm providing services to various government agencies including the U.S
  • Air Force
  • Consult the AF on Security Engineering and Continuous Monitoring using NIST and DOD Risk Management Framework (RMF)
  • The team serves as the Authorizing Official Designated Representative (AODR) for Logistics Information Systems and Operational Technology across the Air Force
  • Prepare ATO (Authorization to Operate) packages for systems coming into the Air Force Logistics Authorization Boundary
  • Prepare AF PMO (Personnel Management Office) for upcoming 'Continuous Monitoring' audits
  • The team augments core DOD RMF practices with the best that the National Institute of Standards and Technology (NIST) offers, incorporating industry best practices
  • Activities include participation in systems migrating to cloud environments, IoT assessments, and system consolidation
  • The team delivers to the US Air Force Warfighter secure web-based capabilities, in AWS and Azure cloud environments, up to SECRET and traditional legacy DOD configurations
  • Consults PMO on the implementation of DISA STIGS (Security Technical Implementation Guide)
  • Coordinates tasks, assists in functional validations, and collaborates with key stakeholders in order to manage expectations with ISSM’s
  • Reviews relevant policies, scheduling activities, and recommending courses of action/tasks to reduce cybersecurity risk while balancing mission requirements within allocated resources
  • Acts as liaison between program managers, functional managers, AF logistic leaders to analyze, document, assess, and manage security and mission requirements
  • Consulting firm providing services to various government agencies including the U.S
  • Air Force

Senior Security Consultant/System Security Manager

Deloitte Consulting
08.2021 - 03.2023
  • Company Overview: Consulting firm providing services to various government agencies including the US Department of State
  • Manage eleven US Passport applications using guidelines such as the Federal Risk and Authorization Management Program (FedRAMP) and Risk Management Framework (RMF) to keep the applications in compliance
  • Manage eleven Passport applications and all systems have received an Authorization to Operate (ATO)
  • Run the entire ATO process (From RMF Step 1-6)
  • Work closely with the assessment team and the ISSO team
  • Provide technical support for remediation of vulnerabilities detected in the Consular Affairs Passport and Visa Systems
  • Analyze vulnerability scan results for US passport applications and provide weekly reports to the Government
  • Create security impact analysis, contingency plans, and perform ad-hoc vulnerability analyses
  • Perform security reviews of official change requests for DoS control boards
  • Use continuous monitoring software(iPost) tools to analyze and review security scan outputs (vulnerabilities) and engage stakeholders in the remediation efforts
  • Responsible for POA&M management and the coordination of security related items within teams
  • Consulting firm providing services to various government agencies including the US Department of State

Senior Security Consultant/System Security Manager

Deloitte Consulting
12.2020 - 08.2021
  • Company Overview: Consulting firm providing services to various government agencies including the US Department of Commerce
  • Managed the Authorization to Operate process (ATO) for several FedRAMP government systems
  • Used Tableau to populate data visualization tools to report vulnerability metrics to the Federal Government ISSO
  • Run the entire ATO process (From RMF Step 1-6)
  • Maintained and updated infrastructure and network documentation
  • Facilitated and led the weekly discussions with the security assessors regarding the ATO process
  • Performed various ISSO responsibilities
  • Responsible for POA&M management and the coordination of security related items within teams
  • Consulting firm providing services to various government agencies including the US Department of Commerce

IT Security Consultant/Risk Management Engineer

Pernix
05.2020 - 11.2020
  • Company Overview: Consulting firm providing IT security services to the US Department of State
  • Supported the DoS Consular Affairs Enterprise Infrastructure Operations team that provides critical information technology resources to approximately 250 overseas posts
  • Prepared documentation from the information obtained from the customer using Risk Management Framework
  • Run the entire ATO process (From RMF Step 1-6)
  • Provided Assessment and Authorization (A&A) support in the development of security and contingency plans and conducted complex risk and vulnerability assessments
  • Provided technical and Information assurance to internal/external customers
  • Conducted security program audits and developed solutions to manage risks
  • Created security and contingency plans for FedRAMP government systems
  • Consulting firm providing IT security services to the US Department of State

Information Technology Security Engineer

VMD Corporation
03.2019 - 05.2020
  • Company Overview: IT services company providing support to the US Department of State
  • Maintained the security compliance of 200+ servers on two networks within the Department of State including deploying patches, monitoring alerts, and verifying account access
  • Assisted in developing and maintaining information related to the DoS Disaster Recovery Plan
  • Prepared ATO packages for the AODR
  • Monitored Splunk dashboards and developed reports for DOS Management
  • Managed POA&Ms
  • Participated in bi-weekly simulation testing to ensure the disaster recovery plan was effective
  • Updated hardware/software documentation to assist in the Disaster Recovery Process
  • Ensured all new servers were configured with appropriate applications before deployment
  • IT services company providing support to the US Department of State

Information Technology Security Engineer

Zolon Tech Inc.
09.2018 - 03.2019
  • Company Overview: IT services company providing support to the US Department of State
  • Responsible for ensuring assigned Department of State applications and servers were security compliant according to NIST Standards
  • Assisted in the remediation of POA&M’s which identified and monitored the progress of corrective efforts on security weaknesses found in assigned applications and servers
  • Used the Assessment & Authorization process to evaluate policies, security controls, safeguards, and vulnerabilities
  • Performed and analyzed vulnerability scans of DOS applications/servers
  • Assisted in development of Information Systems Contingency Plans for assigned servers
  • Used VMware in monitoring VMX files to ensure systems/servers were security compliant
  • IT services company providing support to the US Department of State

System Administrator

SAIC
10.2017 - 09.2018
  • Company Overview: IT services company providing support to the US Department of State
  • Assigned to Department of State Systems Management Department, Mobile & Remote Access Division and responsible for mobile devices for DoS employees, both CONUS and OCONUS, to ensure each device was operated, maintained, retired, refurbished, destroyed in accordance with Department of State security standards
  • Provided technical support including Remedy Incident Management, MCMS remote access processing, Active Directory account management, RSA token pushes and pin resets, mobile device access and Citrix Client troubleshooting
  • Communicated outages and provided updates to Senior Watch Officers
  • IT services company providing support to the US Department of State

Personnel Security Specialist

SAIC
05.2016 - 09.2017
  • Company Overview: IT services company providing support to the US Department of State
  • Supported a 1000+ employee US Department of State contract by providing daily security assistance and program support in a wide range of security functional areas including: personnel, industrial, information, and general security administration
  • Conducted security related briefings including indoctrination, security refresher, foreign travel briefings/debriefings and overall program performance
  • Tracked security clearance investigations and maintained JPAS and e-QIP
  • Served as the liaison between contracting officer, DOD, CAF and security personnel and served as the acting facility security officer, as needed
  • IT services company providing support to the US Department of State

Special Investigator

KeyPoint Government Solutions
05.2015 - 05.2016
  • Company Overview: Government services company conducting background investigations for the United States Office of Personnel Management
  • Conducts background investigations on behalf of the United States Office of Personnel Management for individuals who would occupy positions where a determination of suitability for employment or access to classified information was required
  • Investigates inconsistencies, missing information, and conflicting information uncovered during the investigation process
  • Prepares reports based on interview and investigation results
  • Government services company conducting background investigations for the United States Office of Personnel Management

Education

Bachelor of Science -

James Madison University
Harrisonburg, VA
05-2014

Skills

    Customer service

  • Team leadership
  • Time management
  • Decision-making
  • Cybersecurity Risk Management Framework for IT Systems
  • NIST 800-53 Rev 4 & 5
  • Cybersecurity Assessments/Audits
  • Incident Response
  • Cybersecurity Engineering
  • Application Security
  • Authorization to Operate
  • Assessment & Authorization
  • Continuous Monitoring
  • POA&M Remediation
  • Amazon Web Services (Cloud Knowledge)
  • Systems: eMASS, ITIPS, iPost, Remedy, Confluence, Xacta, Splunk
  • Tableau
  • DOD Experience
  • DISA STIGS
  • Splunk Coding-Intermediate Knowledge
  • Certified Agile Professional

Certification

  • CompTIA Security+ Certification – Computing Technology Industry Association.
  • Certified ScrumMaster (CSM) - Scrum Alliance
  • Certified Amazon Cloud Practioner AWS 2022

Timeline

Manager

Deloitte
01.2025 - Current

Senior Security Consultant/Action Officer-Authorizing Official Designated Representative (AODR) Authorization Team

Deloitte Consulting
03.2023 - Current

Senior Security Consultant/System Security Manager

Deloitte Consulting
08.2021 - 03.2023

Senior Security Consultant/System Security Manager

Deloitte Consulting
12.2020 - 08.2021

IT Security Consultant/Risk Management Engineer

Pernix
05.2020 - 11.2020

Information Technology Security Engineer

VMD Corporation
03.2019 - 05.2020

Information Technology Security Engineer

Zolon Tech Inc.
09.2018 - 03.2019

System Administrator

SAIC
10.2017 - 09.2018

Personnel Security Specialist

SAIC
05.2016 - 09.2017

Special Investigator

KeyPoint Government Solutions
05.2015 - 05.2016

Bachelor of Science -

James Madison University

Similar Profiles

CREATE PROFILE
Kevin Bartnick